研究生成SQL脚本
IF OBJECT_ID('DataAsInsCommand') IS NOT NULL DROP PROC DataAsInsCommand
GO
SET QUOTED_IDENTIFIER OFF
GO
CREATE PROC DataAsInsCommand (
@TableList varchar (200))
AS
SET NOCOUNT ON
DECLARE @position int, @exec_str varchar (2000), @TableName varchar (30)
DECLARE @name varchar(128), @xtype int, @status tinyint, @IsIdentity tinyint
SELECT @TableList = @TableList + ','
SELECT @IsIdentity = 0
SELECT @position = PATINDEX('%,%', @TableList)
WHILE (@position <> 0)
BEGIN
SELECT @TableName = SUBSTRING(@TableList, 1, @position - 1)
SELECT @TableList = STUFF(@TableList, 1, PATINDEX('%,%', @TableList), '')
SELECT @position = PATINDEX('%,%', @TableList)
相关文档:
1 防止sql注入式攻击(可用于UI层控制) #region 防止sql注入式攻击(可用于UI层控制)
2
3 /**/ ///
4 /// 判断字符串中是否有SQL攻击代码
5 ///
6 /// 传入用户提交数据
7 /// ......
看到别人在论坛的提问:
一个表的效率问题
今天碰到2张表
1张 有字段
表A有
jtbh(家庭编号) hzxm(户主姓名) hnbh(户内最大编号)
1000 张三 03
1001 赵六..........................
表 ......
Declare @T Table(
CFF_Loanno nvarchar(100),
BANK_Name_2 nvarchar(100),
CFF_code nvarchar(100),
CFF_date datetime,
CFF_amt decimal(18, 6),
......
